From 52e6ddd0986f23ea364ff8e367da61f46bb26484 Mon Sep 17 00:00:00 2001
From: Scott Stroud <sstroud@confluent.io>
Date: Tue, 17 Aug 2021 12:20:00 -0600
Subject: [PATCH] jsonnet fun

---
 Dockerfile              | 12 ++++++++----
 hardening_manifest.yaml |  5 +++++
 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index aa100c9..b0493ae 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -27,13 +27,16 @@ USER root
 
 ########################################
 ## Install Python
-RUN dnf update -y && dnf install -y python38.x86_64 python38-pip-wheel.noarch openssl tar procps iputils hostname \
+RUN dnf update -y --nodocs && dnf install -y --nodocs python38.x86_64 python38-pip-wheel.noarch openssl tar procps iputils hostname make gcc-c++ python3-devel libffi-devel \
+    && pip3 install --upgrade pip \
     && ln -s /usr/bin/python3 /usr/bin/python \
     && ln -s /usr/bin/pip3 /usr/bin/pip \
     && alias python=python3 \
+    && alias pip=pip3 \
     && alternatives --set python /usr/bin/python3 \
     && dnf clean all \
     && rm -rf /var/cache/dnf
+    
 
 ## Python Installed
 ########################################
@@ -46,7 +49,8 @@ COPY confluent_docker_utils-0.0.44-py3-none-any.whl /tmp/confluent_docker_utils-
 COPY *.whl /tmp/python-dependencies/
 COPY *.gz  /tmp/python-dependencies/
 
-RUN pip3 install --no-index --prefix=/usr/local --upgrade --find-links /tmp/python-dependencies/ /tmp/confluent_docker_utils-0.0.44-py3-none-any.whl
+RUN pip3 install --prefix=/usr/local --upgrade --find-links /tmp/python-dependencies/ /tmp/confluent_docker_utils-0.0.44-py3-none-any.whl jsonnet \
+    && pip3 install jsonnet requests
 ## dub installed
 ########################################
 
@@ -63,10 +67,10 @@ WORKDIR /opt/
 ENV CONFIG_DIR=/mnt/config
 ENV CUB_CLASSPATH='"/usr/share/java/cp-base-new/*"'
 COPY scripts/licenses /licenses
-# COPY jsonnet /usr/local/bin/jsonnet
+COPY jsonnet /usr/local/bin/jsonnet
 COPY scripts/ /opt
 
-RUN chmod -R ag+wx "/opt"
+RUN chmod -R ag+wx "/opt" /usr/local/bin/jsonnet
 
 ENTRYPOINT ["/opt/startup.sh"]
 
diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml
index 2ba1148..be81177 100644
--- a/hardening_manifest.yaml
+++ b/hardening_manifest.yaml
@@ -223,6 +223,11 @@ resources:
   validation:
     type: sha256
     value: 7e2622a934f04a2e5b23a355f920473ccf0144e946b433bc619a9802c1e3785c
+- filename: jsonnet
+  url: https://ironbank-files.s3.amazonaws.com/jsonnet
+  validation:
+    type: sha256
+    value: 9ce7dfdedd3b742bd9a0afb8aa25afe3f5e040e80754aba01868f4a6ae163a2a 
 
 # List of project maintainers
 maintainers:
-- 
GitLab